diff options
| author | Artik Banana <lid@tuta.io> | 2018-05-06 14:19:29 +0000 |
|---|---|---|
| committer | Artik Banana <lid@tuta.io> | 2018-05-06 14:19:29 +0000 |
| commit | 0a1fd8adf0c28a5a9384555e3d27a947ee904a62 (patch) | |
| tree | fe9290d0256b74c84be4a8f907c5e9652ce3d0b6 /installation | |
| parent | 1e83727fdd61de05d734e8395996cb695c4b1e15 (diff) | |
| download | pleroma-0a1fd8adf0c28a5a9384555e3d27a947ee904a62.tar.gz pleroma-0a1fd8adf0c28a5a9384555e3d27a947ee904a62.zip | |
Added headers for a more secure default.
Diffstat (limited to 'installation')
| -rw-r--r-- | installation/pleroma.nginx | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index 895799a8e..44905da49 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -59,6 +59,16 @@ server { } # stop removing lines here. + add_header X-XSS-Protection "1; mode=block"; + add_header X-Permitted-Cross-Domain-Policies none; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header Referrer-Policy same-origin; + add_header X-Download-Options noopen; + + # Uncomment this only after you get HTTPS working. + # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; |